CVE-2018-12095
OEcms v3.1 is vulnerable to a reflected Cross-Site Scripting flaw in the mod parameter of info.php. The issue arises from improper input handling in the info.php?mod= parameter, enabling attackers to inject arbitrary JavaScript and potentially hijack sessions or access sensitive data. The connect...